rpms
/
miniz
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix an unitialized memory in tinfl_decompress_mem_to_callback()

Browse Source
epel9
Petr Písař 3 years ago
parent c2396679e8
commit 3f05cb17ac
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File

32
miniz-2.2.0-Fix-use-of-uninitialized-memory-in-tinfl_decompress_.patch
Unescape View File

@ -0,0 +1,32 @@
From 98f4698e81e6d06653201639cf9a75c3c1464884 Mon Sep 17 00:00:00 2001
From: Cameron Cawley <ccawley2011@gmail.com>
Date: Sun, 25 Jul 2021 15:36:22 +0100
Subject: [PATCH] Fix use of uninitialized memory in
tinfl_decompress_mem_to_callback()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: sezero <sezero@users.noreply.github.com>
Petr Písař: Ported to 2.2.0.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
miniz.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/miniz.c b/miniz.c
index 87bdedb..af27389 100644
--- a/miniz.c
+++ b/miniz.c
@@ -2916,6 +2916,7 @@ int tinfl_decompress_mem_to_callback(const void *pIn_buf, size_t *pIn_buf_size,
size_t in_buf_ofs = 0, dict_ofs = 0;
if (!pDict)
return TINFL_STATUS_FAILED;
+ memset(pDict,0,TINFL_LZ_DICT_SIZE);
tinfl_init(&decomp);
for (;;)
{
--
2.34.1

9
miniz.spec
Unescape View File

@ -4,7 +4,7 @@
Name: miniz Name: miniz
Version: 2.2.0 Version: 2.2.0
Release: 1%{?dist} Release: 2%{?dist}
Summary: Compression library implementing the zlib and Deflate Summary: Compression library implementing the zlib and Deflate
# LICENSE: MIT text # LICENSE: MIT text
# miniz.c: MIT # miniz.c: MIT
@ -17,6 +17,9 @@ Source0: %{url}/releases/download/%{version}/%{name}-%{version}.zip
# Adjust examples for building against a system miniz library, # Adjust examples for building against a system miniz library,
# not suitable for upstream that prefers a copy-lib approach. # not suitable for upstream that prefers a copy-lib approach.
Patch0: miniz-2.2.0-Examples-to-include-system-miniz.h.patch Patch0: miniz-2.2.0-Examples-to-include-system-miniz.h.patch
# Fix an unitialized memory in tinfl_decompress_mem_to_callback(), GH#197,
# in upstream after 2.2.0.
Patch1: miniz-2.2.0-Fix-use-of-uninitialized-memory-in-tinfl_decompress_.patch
BuildRequires: coreutils BuildRequires: coreutils
# diffutils for cmp # diffutils for cmp
BuildRequires: diffutils BuildRequires: diffutils
@ -55,6 +58,7 @@ Header files for developing applications that use the %{name} library.
%setup -c -T -n %{name}-%{version} %setup -c -T -n %{name}-%{version}
unzip -e '%{SOURCE0}' unzip -e '%{SOURCE0}'
%patch0 -p1 %patch0 -p1
%patch1 -p1
# Normalize end-of-lines # Normalize end-of-lines
sed -e 's/\r$//' ChangeLog.md > ChangeLog.md.new sed -e 's/\r$//' ChangeLog.md > ChangeLog.md.new
touch -r ChangeLog.md ChangeLog.md.new touch -r ChangeLog.md ChangeLog.md.new
@ -131,6 +135,9 @@ install -m 0644 %{name}.h '%{buildroot}/%{_includedir}'
%changelog %changelog
* Mon Jan 24 2022 Petr Pisar <ppisar@redhat.com> - 2.2.0-2
- Fix an unitialized memory in tinfl_decompress_mem_to_callback() (GH#197)
* Wed Aug 11 2021 Petr Pisar <ppisar@redhat.com> - 2.2.0-1 * Wed Aug 11 2021 Petr Pisar <ppisar@redhat.com> - 2.2.0-1
- 2.2.0 bump - 2.2.0 bump

Write Preview
Loading…
Cancel
Save